CVE-2019-9879
The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation.
Date published : 2019-06-10
https://github.com/wp-graphql/wp-graphql/releases/tag/v0.3.0